manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an "m_id=1 AND SLEEP(5)" substring.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-07-22T17:00:00

Updated: 2024-08-05T09:29:51.698Z

Reserved: 2018-07-22T00:00:00

Link: CVE-2018-14501

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-22T17:29:00.363

Modified: 2024-11-21T03:49:12.240

Link: CVE-2018-14501

cve-icon Redhat

No data.